rhsa-2022_4671
Vulnerability from csaf_redhat
Published
2022-05-18 19:43
Modified
2024-11-06 00:54
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps security update

Notes

Topic
An update is now available for Red Hat OpenShift GitOps 1.3 in openshift-gitops-argocd container. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Security Fix(es): * argocd: ArgoCD will blindly trust JWT claims if anonymous access is enabled (CVE-2022-29165) * argocd: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server (CVE-2022-24904) * argocd: Login screen allows message spoofing if SSO is enabled (CVE-2022-24905) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat OpenShift GitOps 1.3 in openshift-gitops-argocd container.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.\n\nSecurity Fix(es):\n\n* argocd: ArgoCD will blindly trust JWT claims if anonymous access is enabled (CVE-2022-29165)\n\n* argocd: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server (CVE-2022-24904)\n\n* argocd: Login screen allows message spoofing if SSO is enabled (CVE-2022-24905)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:4671",
        "url": "https://access.redhat.com/errata/RHSA-2022:4671"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2081686",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081686"
      },
      {
        "category": "external",
        "summary": "2081689",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081689"
      },
      {
        "category": "external",
        "summary": "2081691",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081691"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4671.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat OpenShift GitOps security update",
    "tracking": {
      "current_release_date": "2024-11-06T00:54:49+00:00",
      "generator": {
        "date": "2024-11-06T00:54:49+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.1.1"
        }
      },
      "id": "RHSA-2022:4671",
      "initial_release_date": "2022-05-18T19:43:12+00:00",
      "revision_history": [
        {
          "date": "2022-05-18T19:43:12+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-05-18T19:43:12+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-06T00:54:49+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift GitOps 1.3",
                "product": {
                  "name": "Red Hat OpenShift GitOps 1.3",
                  "product_id": "8Base-GitOps-1.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift_gitops:1.3::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift GitOps"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-gitops-1/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba_amd64",
                "product": {
                  "name": "openshift-gitops-1/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba_amd64",
                  "product_id": "openshift-gitops-1/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/applicationset-rhel8\u0026tag=v1.3.10-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1_amd64",
                "product": {
                  "name": "openshift-gitops-1/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1_amd64",
                  "product_id": "openshift-gitops-1/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.3.10-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc_amd64",
                "product": {
                  "name": "openshift-gitops-1/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc_amd64",
                  "product_id": "openshift-gitops-1/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.3.10-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359_amd64",
                "product": {
                  "name": "openshift-gitops-1/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359_amd64",
                  "product_id": "openshift-gitops-1/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.3.10-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705_amd64",
                "product": {
                  "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705_amd64",
                  "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.3.10-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47_amd64",
                "product": {
                  "name": "openshift-gitops-1/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47_amd64",
                  "product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.3.10-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b_amd64",
                "product": {
                  "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b_amd64",
                  "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.3.10-1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba_amd64 as a component of Red Hat OpenShift GitOps 1.3",
          "product_id": "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba_amd64"
        },
        "product_reference": "openshift-gitops-1/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1_amd64 as a component of Red Hat OpenShift GitOps 1.3",
          "product_id": "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1_amd64"
        },
        "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359_amd64 as a component of Red Hat OpenShift GitOps 1.3",
          "product_id": "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359_amd64"
        },
        "product_reference": "openshift-gitops-1/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47_amd64 as a component of Red Hat OpenShift GitOps 1.3",
          "product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47_amd64"
        },
        "product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b_amd64 as a component of Red Hat OpenShift GitOps 1.3",
          "product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b_amd64"
        },
        "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc_amd64 as a component of Red Hat OpenShift GitOps 1.3",
          "product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc_amd64"
        },
        "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705_amd64 as a component of Red Hat OpenShift GitOps 1.3",
          "product_id": "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705_amd64"
        },
        "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-24904",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2022-05-04T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2081691"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.7.0 and prior to versions 2.1.15m 2.2.9, and 2.3.4 is vulnerable to a symlink following bug allowing a malicious user with repository write access to leak sensitive files from Argo CD\u0027s repo-server. A malicious Argo CD user with write access for a repository which is (or may be) used in a directory-type Application may commit a symlink which points to an out-of-bounds file. Sensitive files which could be leaked include manifest files from other Applications\u0027 source repositories (potentially decrypted files, if you are using a decryption plugin) or any JSON-formatted secrets which have been mounted as files on the repo-server. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. Users of versions 2.3.0 or above who do not have any Jsonnet/directory-type Applications may disable the Jsonnet/directory config management tool as a workaround.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "argocd: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24904"
        },
        {
          "category": "external",
          "summary": "RHBZ#2081691",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081691"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24904",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24904"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24904",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24904"
        },
        {
          "category": "external",
          "summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-6gcg-hp2x-q54h",
          "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-6gcg-hp2x-q54h"
        }
      ],
      "release_date": "2022-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-18T19:43:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4671"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "argocd: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server"
    },
    {
      "cve": "CVE-2022-24905",
      "cwe": {
        "id": "CWE-290",
        "name": "Authentication Bypass by Spoofing"
      },
      "discovery_date": "2022-05-04T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2081689"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was found in Argo CD prior to versions 2.3.4, 2.2.9, and 2.1.15 that allows an attacker to spoof error messages on the login screen when single sign on (SSO) is enabled. In order to exploit this vulnerability, an attacker would have to trick the victim to visit a specially crafted URL which contains the message to be displayed. As far as the research of the Argo CD team concluded, it is not possible to specify any active content (e.g. Javascript) or other HTML fragments (e.g. clickable links) in the spoofed message. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. There are currently no known workarounds.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "argocd: Login screen allows message spoofing if SSO is enabled",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24905"
        },
        {
          "category": "external",
          "summary": "RHBZ#2081689",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081689"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24905",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24905"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24905",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24905"
        },
        {
          "category": "external",
          "summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-xmg8-99r8-jc2j",
          "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-xmg8-99r8-jc2j"
        }
      ],
      "release_date": "2022-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-18T19:43:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4671"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "argocd: Login screen allows message spoofing if SSO is enabled"
    },
    {
      "cve": "CVE-2022-29165",
      "cwe": {
        "id": "CWE-551",
        "name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
      },
      "discovery_date": "2022-05-04T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2081686"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the ArgoCD component of Red Hat GitOps, where an unauthenticated attacker can craft a malicious JWT token while ArgoCD\u0027s anonymous access is enabled and gains full access to the ArgoCD instance. This flaw allows the attacker to impersonate any ArgoCD user or role, fully compromising the targeted cluster\u0027s confidentiality, integrity, and availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "argocd: ArgoCD will blindly trust JWT claims if anonymous access is enabled",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The anonymous mode is by default disabled in the ArgoCD instance installed by the Red Hat GitOps operator.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc_amd64",
          "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-29165"
        },
        {
          "category": "external",
          "summary": "RHBZ#2081686",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081686"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-29165",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-29165"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29165",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29165"
        },
        {
          "category": "external",
          "summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-r642-gv9p-2wjj",
          "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-r642-gv9p-2wjj"
        }
      ],
      "release_date": "2022-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-18T19:43:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4671"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:6def698fb89067d2259a34bced9080d3c7b509b711fda795d73f427f9068c1ba_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:2c780222e3aeaffb466f04f5948d474921e9f2a3cc217c4dcc7f83ae268b55a1_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:54bb64a4d6e3044d99f534cce1fbbb2053f8880139a98fddb9e405a71c067359_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:6cf4377fd2efa8ae4965dae8e6cc7cd7017fd739e43618d6daea61244fe40d47_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:95e2be5c2578571d6461ec691466c95f5928fc25e97f7161b98b2a9496a22b5b_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:97871502a00aee8f673601da76111cc39a13088517d6e1d07882f0c4cc249ffc_amd64",
            "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:c1aa038cbdef8e2eadb2fee362249aa85e5678a4367f9bdd4320de63e27ef705_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "argocd: ArgoCD will blindly trust JWT claims if anonymous access is enabled"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.